Knowledge based authentication (KBA) offers
several advantages to traditional (conventional) forms of e-authentication
like passwords, PKI and biometrics. KBA is a particularly useful tool
to remotely authenticate individuals who conduct business electronically
with Federal agencies or businesses infrequently. In these situations,
other authentication tools such as passwords and PKI certificates can
be expensive to administer for the application provider and difficult
to use for the remote individual. By successfully participating in a series
of KBA challenge-response queries, the identity of an individual can be
established without delay. However, the complexity and interdependencies
of KBA solutions used make it difficult to quantify the level of assurance
that a remote user is who he claims to be. NIST is hosting this symposium
to help identify standard authentication metrics that can be applied to
KBA tools and solutions.